Advertisement

Short Linkable Ring Signatures for E-Voting, E-Cash and Attestation

  • Patrick P. Tsang
  • Victor K. Wei
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3439)

Abstract

A ring signature scheme can be viewed as a group signature scheme with no anonymity revocation and with simple group setup. A linkable ring signature (LRS) scheme additionally allows anyone to determine if two ring signatures have been signed by the same group member. Recently, Dodis et al. [18] gave a short (constant-sized) ring signature scheme. We extend it to the first short LRS scheme, and reduce its security to a new hardness assumption, the Link Decisional RSA (LD-RSA) Assumption. We also extend [18]’s other schemes to a generic LRS scheme and a generic linkable group signature scheme. We discuss three applications of our schemes. Kiayias and Yung [22] constructed the first e-voting scheme which simultaneously achieves efficient tallying, public verifiability, and write-in capability for a typical voter distribution under which only a small portion writes in. We construct an e-voting scheme based on our short LRS scheme which achieves the same even for all worst-case voter distribution. Direct Anonymous Attestation (DAA) [6] is essentially a ring signature scheme with certain linking properties that can be naturally implemented using LRS schemes. The construction of an offline anonymous e-cash scheme using LRS schemes is also discussed.

Keywords

Ring Signature Blind Signature Trust Platform Module Homomorphic Encryption Cryptology ePrint Archive 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
This is a preview of subscription content, log in to check access.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Ateniese, G., Camenisch, J., Joye, M., Tsudik, G.: A practical and provably secure coalition-resistant group signature scheme. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 255–270. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  2. 2.
    Bellare, M., Shi, H., Zhang, C.: Foundations of group signatures: The case of dynamic groups. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 136–153. Springer, Heidelberg (2005) (to appear)CrossRefGoogle Scholar
  3. 3.
    Boneh, D., Boyen, X., Shacham, H.: Short group signatures. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027. Springer, Heidelberg (2004)Google Scholar
  4. 4.
    Brands, S.: Untraceable off-line cash in wallets with observers. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 302–318. Springer, Heidelberg (1994)Google Scholar
  5. 5.
    Bresson, E., Stern, J., Szydlo, M.: Threshold ring signatures and applications to ad-hoc groups. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 465–480. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  6. 6.
    Brickell, E., Camenisch, J., Chen, L.: Direct anonymous attestation. Cryptology ePrint Archive, Report 2004/205 (2004), http://eprint.iacr.org/
  7. 7.
    Camenisch, J., Lysyanskaya, A.: Efficient non-transferable anonymous multishow credential system with optional anonymity revocation. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 93–118. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  8. 8.
    Camenisch, J., Lysyanskaya, A.: A signature scheme with efficient protocols. In: Cimato, S., Galdi, C., Persiano, G. (eds.) SCN 2002. LNCS, vol. 2576, pp. 268–289. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  9. 9.
    Camenisch, J., Lysyanskaya, A.: Signature schemes and anonymous credentials from bilinear maps (2004)Google Scholar
  10. 10.
    Camenisch, J., Piveteau, J.-M., Stadler, M.: An efficient fair payment system. In: Proceedings of the 3rd ACM conference on Computer and communications security, pp. 88–94. ACM Press, New York (1996)CrossRefGoogle Scholar
  11. 11.
    Camenisch, J., Stadler, M.: Efficient group signature schemes for large groups. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 410–424. Springer, Heidelberg (1997)Google Scholar
  12. 12.
    Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudonyms. Commun. ACM 24(2), 84–90 (1981)CrossRefGoogle Scholar
  13. 13.
    Chaum, D.: Blind signatures for untraceable payments. In: Crypto 1982, pp. 199–203. Plenum Press, New York (1982)Google Scholar
  14. 14.
    Chaum, D., Fiat, A., Naor, M.: Untraceable electronic cash. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 319–327. Springer, Heidelberg (1990)Google Scholar
  15. 15.
    Chaum, D., van Heyst, E.: Group signatures. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 257–265. Springer, Heidelberg (1991)Google Scholar
  16. 16.
    Cohen, J.D., Fischer, M.J.: A robust and verifiable cryptographyically secure election scheme. In: FOCS 1985, pp. 372–382 (1985)Google Scholar
  17. 17.
    Cramer, R., Damgard, I., Schoenmakers, B.: Proof of partial knowledge and simplified design of witness hiding protocols. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 174–187. Springer, Heidelberg (1994)Google Scholar
  18. 18.
    Dodis, Y., Kiayias, A., Nicolosi, A., Shoup, V.: Anonymous identification in ad hoc groups. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 609–626. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  19. 19.
    Feige, U., Shamir, A.: Zero knowledge proofs of knowledge in two rounds. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 526–544. Springer, Heidelberg (1990)Google Scholar
  20. 20.
    Goldreich, O., Micali, S., Wigderson, A.: Proof that yields nothing but their validity or all languages in NP have zero-knowledge proof system. Journal of the ACM 38(3), 691–729 (1991)zbMATHCrossRefMathSciNetGoogle Scholar
  21. 21.
    Trusted Computing Group. Trusted computing platform alliance (tcpa) main specification, version 1.1a. republished as trusted computing group (tcg) main specifcation, version 1.1b (2001), http://www.trustedcomputinggroup.org
  22. 22.
    Kiayias, A., Yung, M.: The vector-ballot e-voting approach. In: Juels, A. (ed.) FC 2004. LNCS, vol. 3110, pp. 72–89. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  23. 23.
    Liu, J.K., Wei, V.K., Wong, D.S.: Linkable spontaneous anonymous group signature for ad hoc groups (extended abstract). In: Wang, H., Pieprzyk, J., Varadharajan, V. (eds.) ACISP 2004. LNCS, vol. 3108, pp. 325–335. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  24. 24.
    Lysyanskaya, A., Ramzan, Z.: Group blind digital signatures: A scalable solution to electronic cash. In: Hirschfeld, R. (ed.) FC 1998. LNCS, vol. 1465, pp. 184–197. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  25. 25.
    Maitland, G., Boyd, C.: Fair electronic cash based on a group signature scheme. In: Qing, S., Okamoto, T., Zhou, J. (eds.) ICICS 2001. LNCS, vol. 2229. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  26. 26.
    Nakanishi, T., Fujiwara, T., Watanabe, H.: A linkable group signature and its application to secret voting. In: 4th Int’l Symp. on Communicatin Theory and Appl. (1997)Google Scholar
  27. 27.
    Nakanishi, T., Fujiwara, T., Watanabe, H.: A linkable group signature and its application to secret voting. Trans. of Information Processing Society of Japan 40(7), 3085–3096 (1999)MathSciNetGoogle Scholar
  28. 28.
    Nguyen, L., Safavi-Naini, R.: Efficient and provably secure trapdoor-free goup signature schems from bilinear pairings. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 372–386. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  29. 29.
    Rivest, R.L., Shamir, A., Tauman, Y.: How to leak a secret. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 552–565. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  30. 30.
    Teranishi, I., Furukawa, J., Sako, K.: k-times anonymous authentication. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 308–322. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  31. 31.
    Traoré, J.: Group signatures and their relevance to privacy-protecting off-line electronic cash systems. In: Pieprzyk, J.P., Safavi-Naini, R., Seberry, J. (eds.) ACISP 1999. LNCS, vol. 1587, pp. 228–243. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  32. 32.
    Tsang, P.P., Wei, V.K.: Short linkable ring signatures for e-voting, e-cash and attestation. Cryptology ePrint Archive, Report 2004/281 (2004), http://eprint.iacr.org/
  33. 33.
    Tsang, P.P., Wei, V.K., Au, M.H., Chan, T.K., Liu, J.K., Wong, D.S.: Separable linkable threshold ring signatures. In: Canteaut, A., Viswanathan, K. (eds.) INDOCRYPT 2004. LNCS, vol. 3348, pp. 384–398. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  34. 34.
    Wei, V.K.: Tracing-by-linking group signatures. Cryptology ePrint Archive, Report 2004/370 (2004), http://eprint.iacr.org/

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Patrick P. Tsang
    • 1
  • Victor K. Wei
    • 1
  1. 1.Department of Information EngineeringThe Chinese University of Hong KongShatin, Hong Kong

Personalised recommendations

Cite paper

Buy options